OpenCVE

An IDOR vulnerability exists in GitLab <v12.1.2, <v12.0.4, and <v11.11.6 that allowed uploading files from project archive to replace other users files potentially allowing an attacker to replace project binaries or other uploaded assets.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:S/C:N/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Gitlab	Gitlab

Configuration 1 [-]

OR	cpe:2.3:a:gitlab:gitlab:::::community:::*
	cpe:2.3:a:gitlab:gitlab:::::enterprise:::*
	cpe:2.3:a:gitlab:gitlab:::::community:::*
	cpe:2.3:a:gitlab:gitlab:::::enterprise:::*
	cpe:2.3:a:gitlab:gitlab:::::community:::*
	cpe:2.3:a:gitlab:gitlab:::::enterprise:::*

No data.

References

Link	Providers
https://gitlab.com/gitlab-org/gitlab-ce/issues/60551
https://hackerone.com/reports/534794

History

No history.

MITRE

Status: PUBLISHED

Assigner: hackerone

Published: 2019-12-18T20:59:50

Updated: 2024-08-04T19:54:53.479Z

Reserved: 2019-01-04T00:00:00

Link: CVE-2019-5469

Vulnrichment

No data.

NVD

Status : Modified

Published: 2019-12-18T21:15:14.303

Modified: 2024-11-21T04:44:59.627

Link: CVE-2019-5469

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "GitLab", "vendor": "n/a", "versions": [{"status": "affected", "version": "Fixed versions 12.1.2, 12.0.4, and 11.11.6"}]}], "descriptions": [{"lang": "en", "value": "An IDOR vulnerability exists in GitLab <v12.1.2, <v12.0.4, and <v11.11.6 that allowed uploading files from project archive to replace other users files potentially allowing an attacker to replace project binaries or other uploaded assets."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-639", "description": "Insecure Direct Object Reference (IDOR) (CWE-639)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2019-12-18T20:59:50", "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://hackerone.com/reports/534794"}, {"tags": ["x_refsource_MISC"], "url": "https://gitlab.com/gitlab-org/gitlab-ce/issues/60551"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "support@hackerone.com", "ID": "CVE-2019-5469", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "GitLab", "version": {"version_data": [{"version_value": "Fixed versions 12.1.2, 12.0.4, and 11.11.6"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An IDOR vulnerability exists in GitLab <v12.1.2, <v12.0.4, and <v11.11.6 that allowed uploading files from project archive to replace other users files potentially allowing an attacker to replace project binaries or other uploaded assets."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Insecure Direct Object Reference (IDOR) (CWE-639)"}]}]}, "references": {"reference_data": [{"name": "https://hackerone.com/reports/534794", "refsource": "MISC", "url": "https://hackerone.com/reports/534794"}, {"name": "https://gitlab.com/gitlab-org/gitlab-ce/issues/60551", "refsource": "MISC", "url": "https://gitlab.com/gitlab-org/gitlab-ce/issues/60551"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T19:54:53.479Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://hackerone.com/reports/534794"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://gitlab.com/gitlab-org/gitlab-ce/issues/60551"}]}]}, "cveMetadata": {"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "cveId": "CVE-2019-5469", "datePublished": "2019-12-18T20:59:50", "dateReserved": "2019-01-04T00:00:00", "dateUpdated": "2024-08-04T19:54:53.479Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "matchCriteriaId": "470E2D2F-030A-49C2-AF61-DDC659EBFCC6", "versionEndExcluding": "11.11.6", "versionStartIncluding": "11.11.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "5F241A58-C88E-4155-AF2B-7B852465558E", "versionEndExcluding": "11.11.6", "versionStartIncluding": "11.11.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "matchCriteriaId": "62DEEA13-4D2C-436B-9780-983FC707DDF6", "versionEndExcluding": "12.0.4", "versionStartIncluding": "12.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "595B584B-2A5C-44F6-AC4C-51ACF913C6C5", "versionEndExcluding": "12.0.4", "versionStartIncluding": "12.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "matchCriteriaId": "99659BEC-15D0-4E75-BEBE-727FC32D9B35", "versionEndExcluding": "12.1.2", "versionStartIncluding": "12.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "D12A3A81-4A4F-441A-A820-F2D19B1A5C89", "versionEndExcluding": "12.1.2", "versionStartIncluding": "12.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An IDOR vulnerability exists in GitLab <v12.1.2, <v12.0.4, and <v11.11.6 that allowed uploading files from project archive to replace other users files potentially allowing an attacker to replace project binaries or other uploaded assets."}, {"lang": "es", "value": "Se presenta una vulnerabilidad IDOR en GitLab versiones anteriores a v12.1.2, versiones anteriores a v12.0.4 y versiones anteriores a v11.11.6, que permiti\u00f3 cargar archivos desde el archivo del proyecto para reemplazar los archivos de otros usuarios, lo que permite potencialmente a un atacante reemplazar los binarios del proyecto u otros activos cargados."}], "id": "CVE-2019-5469", "lastModified": "2024-11-21T04:44:59.627", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 5.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-12-18T21:15:14.303", "references": [{"source": "support@hackerone.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://gitlab.com/gitlab-org/gitlab-ce/issues/60551"}, {"source": "support@hackerone.com", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "url": "https://hackerone.com/reports/534794"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Vendor Advisory"], "url": "https://gitlab.com/gitlab-org/gitlab-ce/issues/60551"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking", "Third Party Advisory"], "url": "https://hackerone.com/reports/534794"}], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-639"}], "source": "support@hackerone.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-639"}], "source": "nvd@nist.gov", "type": "Primary"}]}